An organization's security team has detected multiple unsanctioned items on the network. Which action is best for limiting the liabilities associated with these newly detected entries?
Create a separate list and respond if an incident arises
Mark them in a spreadsheet but keep them out of detection tools to avoid alerts
Remove them from the network to lessen unauthorized usage
Perform thorough evaluation, update official records, and track them in ongoing scanning processes
A thorough evaluation and official inventory update promote visibility into possible risks. When these items are included in official records and scanned regularly, they are accounted for in vulnerability assessments, patching, and security policies. Solutions that simply remove them from the network or keep them out of detection tools may hide potential exposures or disrupt operations. Creating a separate list and acting only if an incident occurs does not protect the network if threats appear in the meantime, resulting in a potential gap in awareness and management.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is updating official records important for managing unauthorized network items?
Open an interactive chat with Bash
What is the role of ongoing scanning processes in network security?
Open an interactive chat with Bash
Why is immediately removing unsanctioned devices not the best approach?